package com.atguigu.springsecurity.controller;


import com.atguigu.springsecurity.util.ResponseResult;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class HelloController {

    @GetMapping("/hello")
//    @PreAuthorize("hasAuthority('system:dept:list')")
    // 下面我们向调用自己写的校验的方法
    @PreAuthorize("@ex.hasAuthority('system:dept:list')")
    public String hello() {
        return "hello";
    }

    /**
     * token是通过localstorege进行获取的 拦截器拦截每次请求，就去setHeader
     * @return
     */
    @PostMapping("/testCors")
    public ResponseResult testCors() {
        return new ResponseResult(200, "testCors");
    }
}
